Hackers broke into the servers of Zappos, the online shoe store owned by Amazon (AMZN), exposing...

Hackers broke into the servers of Zappos, the online shoe store owned by Amazon (AMZN), exposing the names, addresses, phone numbers and the last four digits of credit cards of ~24M customer accounts. The incident underlines the need for e-commerce sites to maintain transparency and user trust even as they're targeted by hackers.

Instead of targeting Gibson Guitar for using Indian Rosewood, how about a Justice Dept. investigation and prosecution of some high-profile hackers (assuming jurisdiction)? That way they won't all be anonymous. A ten-year year stretch in Leavenworth might take some of the fun off the techno-vandalism.

I read this on Reuters instead of WSJ and given the lack of detail it's difficult to be sure, but it appears this is fully Zappos failure and completely their fault.

In this 21st century easily-hacked world, there is no excuse for storing any data whatsoever in an unencrypted state. Due to the number of records retrieved, I have to assume the hackers gained access to a database of customer records. ALL names, addresses and phone numbers must be encrypted. After Sony's blunder last year, Zappos' negligence is unfathomable.

This was news yesterday. I agree it is amazing that Zappos kept accessible customer data like this. Obviously, they didn't put revenue towards keeping their IT up to date and cared less about security. Perhaps they used all the money for data mining customers dry. Now their hacked customers will be data mined by crooks. Smooth move.